As the information-oriented society progresses, there is an increasing need for protection of personal privacy and a technique for building a security system for safely transmitting information via encoding and decoding also becomes an essential technology.
In the advanced information society, as diverse types of equipment become electronic, use of computing devices, such as an embedded system or system on chip (SoC), other than high-performance computer forms, drastically increases. For example, computing devices including radio-frequency identification (RFID), a smart card, a Universal Subscriber Identity Module (USIM), a one time password (OTP), or the like are widely utilized.
For safe use of such computing devices, building a security system is essentially required, through which security functions of protecting important information using encoding and decoding algorithms or of allocating access rights using identification and authentication functions may be carried out. In performing these security functions, a cryptographic key or unique identification (ID) is used, which is essential elements for the security system and is referred to as an identification key hereinafter. When an identification key is generated, a method of externally generating a pseudo random number (PRN), cryptographically safe externally, and storing the number in a nonvolatile memory, such as a flash memory and an electrically erasable programmable read-only memory (EEPROM), is generally used.
Recently, different attacks, such as side channel attacks and reverse engineering attacks, tend to be carried out to identification keys stored in computing devices. To safely generate and store an identification key against such kinds of attacks, physical unclonable function (PUF) technology is developing.
A PUF is a technique for generating an identification key using subtle differences in physical properties present in an electronic system and maintaining or storing the identification key unchanged, which is also referred to as hardware fingerprint.
A necessary condition for use of a PUF as an identification key is sufficiently secured randomness of the generated identification. PUF-based hardware with sufficiently secured randomness is determined as an acceptable product, whereas PUF-based hardware with low randomness needs to be determined as a defective product since a PUF-based identifier is possibly estimated due to low randomness of a PUF value. However, there is never disclosed such a determination method conventionally, and thus developing a randomness test apparatus and methods capable of determining whether PUF-based hardware has sufficient randomness is required. Further, a great number of bits of data are necessary for verifying randomness, while PUF-based hardware generates limited data only.
Meanwhile, since a defective product possibly happens due to defects among all circuits fabricated in a semiconductor process, a testing process for determining whether circuits are acceptable or defective is needed. Here, PUF-based hardware generates a random value, and thus a conventional testing process is unable to determine defectiveness of the PUF-based hardware.
That is, a method of testing defectiveness and randomness of PUF-based hardware needs to be developed.